<%@ taglib prefix="sec" uri="http://www.springframework.org/security/tags"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>

<!DOCTYPE html>
<html lang="en">
  <head>
    <title>Hello Security</title>
    <c:url var="faviconUrl" value="/img/favicon.ico"/>
    <link rel="icon" type="image/x-icon" href="${faviconUrl}"/>
    <c:url var="bootstrapUrl" value="/css/bootstrap.css"/>
    <link href="${bootstrapUrl}" rel="stylesheet"></link>
    <c:url var="bootstrapResponsiveUrl" value="/css/bootstrap-responsive.css"/>
    <link href="${bootstrapResponsiveUrl}" rel="stylesheet"></link>
    <!-- HTML5 shim, for IE6-8 support of HTML5 elements -->
    <!--[if lt IE 9]>
      <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
    <![endif]-->
  </head>

  <body>
    <div class="container">
      <h1>This is secured!</h1>
      <h2>
        I'm user
      </h2>
      <sec:authorize access="hasRole('ADMIN')">
	      <h3>
	      	<c:url var="adminUrl" value="/admin"/>
	      	<a href="${adminUrl}">Admin</a>
	      </h3>
      </sec:authorize>
      <%-- <sec:authorize ifAllGranted="ROLE_ADMIN, ROLE_USER" ifAnyGranted="ROLE_CHECKER" ifNotGranted="ROLE_MAKER"> --%>
      <!--  hasAnyRole([role1,role2]) -->
      <sec:authorize access="hasRole('ADMIN') and hasRole('CHECKER')">
      	<h3>
	      	<c:url var="checkerUrl" value="/checker"/>
	      	<a href="${checkerUrl}">Checker</a>
	      </h3>
      </sec:authorize>
      
      <c:url var="logoutUrl" value="/logout"/>
      <form class="form-inline" action="${logoutUrl}" method="post">
          <input type="submit" value="Log out" />
          <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/> 
      </form>
    </div>
  </body>
</html>
